Why it is a bad idea to block youtube IP address?

Why it is a bad idea to block youtube IP address?

IP address, L7-filter, layer 7
[caption id="attachment_1136" align="alignleft" width="251"] no youtube in our office[/caption] so, at my client's office, there was a need to block youtube access during working hours (08:00-17:00). the local administrator there tried to create rules on mikrotik router OS firewall, using layer7-filter, block youtube ip address, and the result is more complaints from user :-( (more…)
Read More
Why it is a bad idea to drop packets using l7-filter on mikrotik

Why it is a bad idea to drop packets using l7-filter on mikrotik

firewall, L7-filter, Regex
[caption id="attachment_1079" align="alignleft" width="300"] picture from wikipedia[/caption] This article will explain the effect on RouterOS if you drop packets using l7-filter on mikrotik. As we know from previous articles here,  mikrotik supports Regex for pattern matching. one of its purpose to match traffic based on information on layer 7 (application layer). Mikrotik has wiki page that explain how the L7 filter works. and on that page, they already warns user that using l7-filter for dropping packet will increase CPU usage and cause router instability. (more…)
Read More
Understanding regex on Mikrotik RouterOS

Understanding regex on Mikrotik RouterOS

firewall, layer 7, Regex
[caption id="attachment_1076" align="alignleft" width="209"] image from www.cs.iit.edu[/caption] regex on Mikrotik RouterOS. Regex means regular expression. Is a feature / function to create pattern matcher. because of that capability regex is mostly used on Firewall, routing filter, and anything that is related to pattern matching. So our main job here is to create a pattern and regex has its own symbols to define a pattern. one good page that explains list of regex pattern matcher can be found here. (more…)
Read More